gitdata.ai/appks
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor(session): extract SessionConfig and add auto-migration

Browse Source 
- session/config.rs: add SessionConfig struct that pre-validates all
  session configuration values, with build_middleware() for infallible
  middleware construction
- session/middleware.rs: expose parse_same_site as pub(crate)
- session/storage/redis.rs: derive Clone for RedisSessionStore
- main.rs: validate session config before HttpServer loop, use
  SessionConfig::build_middleware() inside closure; add
  sqlx::migrate!() call after database connection
This commit is contained in:
zhenyi
2026-06-10 18:48:55 +08:00
parent b83a842c6f
commit 61dc08c036
4 changed files with 110 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files
session/config.rs
+62 -1
View File
@@ -1,7 +1,68 @@
use actix_web::cookie::SameSite;
use crate::config::AppConfig;
use crate::error::AppResult;
use crate::error::{AppError, AppResult};
use crate::session::SessionMiddleware;
use crate::session::SessionStore;
use crate::session::middleware::parse_same_site;
/// Pre-validated session configuration, safe to build middleware from.
#[derive(Clone)]
pub struct SessionConfig {
cookie_name: String,
cookie_secure: bool,
cookie_http_only: bool,
cookie_same_site: SameSite,
cookie_path: String,
cookie_domain: Option<String>,
max_age_secs: Option<u64>,
ttl_secs: u64,
}
impl SessionConfig {
/// Build a `SessionMiddleware` from pre-validated config (infallible).
pub fn build_middleware<Store: SessionStore + 'static>(
&self,
store: Store,
key: actix_web::cookie::Key,
) -> SessionMiddleware<Store> {
SessionMiddleware::builder(store, key)
.cookie_name(self.cookie_name.clone())
.cookie_secure(self.cookie_secure)
.cookie_http_only(self.cookie_http_only)
.cookie_same_site(self.cookie_same_site)
.cookie_path(self.cookie_path.clone())
.cookie_domain(self.cookie_domain.clone())
.cookie_max_age_secs(self.max_age_secs)
.state_ttl_secs(self.ttl_secs)
.build()
}
}
impl AppConfig {
/// Parse and validate all session configuration values.
pub fn session_config(&self) -> AppResult<SessionConfig> {
let ttl_secs = self.session_ttl_secs()?;
if ttl_secs == 0 {
return Err(AppError::Config(
"APP_SESSION_TTL_SECS must be greater than 0".into(),
));
}
let same_site_str = self.session_cookie_same_site()?;
let cookie_same_site = parse_same_site(&same_site_str)?;
Ok(SessionConfig {
cookie_name: self.session_cookie_name()?,
cookie_secure: self.session_cookie_secure()?,
cookie_http_only: self.session_cookie_http_only()?,
cookie_same_site,
cookie_path: self.session_cookie_path()?,
cookie_domain: self.session_cookie_domain()?,
max_age_secs: self.session_max_age_secs()?,
ttl_secs,
})
}
pub fn session_cookie_name(&self) -> AppResult<String> {
self.get_env_or("APP_SESSION_COOKIE_NAME", "sid".to_string())
}
session/middleware.rs
+1 -1
View File
@@ -473,7 +473,7 @@ fn append_set_cookie(response: &mut ResponseHead, value: String) -> AppResult<()
Ok(())
}
fn parse_same_site(value: &str) -> AppResult<SameSite> {
pub(crate) fn parse_same_site(value: &str) -> AppResult<SameSite> {
match value.trim().to_ascii_lowercase().as_str() {
"strict" => Ok(SameSite::Strict),
"lax" => Ok(SameSite::Lax),
session/storage/redis.rs
+26 -15
View File
@@ -6,6 +6,7 @@ use super::format::{deserialize_session_state, serialize_session_state};
use super::interface::{SessionState, SessionStore};
use super::utils::generate_session_key;
#[derive(Clone)]
pub struct RedisSessionStore {
redis: AppRedis,
}
@@ -18,10 +19,12 @@ impl RedisSessionStore {
impl SessionStore for RedisSessionStore {
async fn load(&self, session_key: &SessionKey) -> Result<Option<SessionState>, AppError> {
let mut conn = self.redis.get_connection()?;
let value: Option<String> = redis::cmd("GET")
let mut conn = self.redis.get_connection();
let value: Option<String> = redis::Cmd::new()
.arg("GET")
.arg(session_key.as_ref())
.query(&mut *conn.inner_mut())?;
.query_async(&mut conn)
.await?;
match value {
None => Ok(None),
@@ -36,12 +39,14 @@ impl SessionStore for RedisSessionStore {
) -> Result<SessionKey, AppError> {
let body = serialize_session_state(&session_state)?;
let session_key = generate_session_key();
let mut conn = self.redis.get_connection()?;
redis::cmd("SETEX")
let mut conn = self.redis.get_connection();
redis::Cmd::new()
.arg("SETEX")
.arg(session_key.as_ref())
.arg(ttl_secs)
.arg(&body)
.query::<()>(&mut *conn.inner_mut())?;
.query_async::<()>(&mut conn)
.await?;
Ok(session_key)
}
@@ -52,29 +57,35 @@ impl SessionStore for RedisSessionStore {
ttl_secs: u64,
) -> Result<SessionKey, AppError> {
let body = serialize_session_state(&session_state)?;
let mut conn = self.redis.get_connection()?;
redis::cmd("SETEX")
let mut conn = self.redis.get_connection();
redis::Cmd::new()
.arg("SETEX")
.arg(session_key.as_ref())
.arg(ttl_secs)
.arg(&body)
.query::<()>(&mut *conn.inner_mut())?;
.query_async::<()>(&mut conn)
.await?;
Ok(session_key)
}
async fn update_ttl(&self, session_key: &SessionKey, ttl_secs: u64) -> Result<(), AppError> {
let mut conn = self.redis.get_connection()?;
redis::cmd("EXPIRE")
let mut conn = self.redis.get_connection();
redis::Cmd::new()
.arg("EXPIRE")
.arg(session_key.as_ref())
.arg(ttl_secs)
.query::<()>(&mut *conn.inner_mut())?;
.query_async::<()>(&mut conn)
.await?;
Ok(())
}
async fn delete(&self, session_key: &SessionKey) -> Result<(), AppError> {
let mut conn = self.redis.get_connection()?;
redis::cmd("DEL")
let mut conn = self.redis.get_connection();
redis::Cmd::new()
.arg("DEL")
.arg(session_key.as_ref())
.query::<()>(&mut *conn.inner_mut())?;
.query_async::<()>(&mut conn)
.await?;
Ok(())
}
}